Sorry, I don't know if it is possible to reopen a closed ticket.
The domains that overload the processor seem to be those of nimiq, although it is worth analyzing the page just in case. It seems that external code from https://unpkg.com/@nimiq/ and https://app.analyzz.com is used to load the malicious code from nimiq domains.
Some of the domains I have seen in addition to those already known, and which appear to be related, are:
nim.sh
nmq.zxnexus.com
seed.nimiq.by
nimwss.lolopool.com
In relation to the latter lolopool, I have seen these two more related ones searching on the internet:
nim.lolopool.com
nimwss-us.lolopool.com
Regarding the domain nimiq.community, it seems that the relation with the malicious domains comes because from there the following file is called: https://nimiq.community/seeds.txt
In those txts, I understand there are links to cryptojacking scripts or similar, and the domains are (I think all already known):
seed.nimiqpool.com
nimiq.icemining.ca
node.nimiq.watch
seed.nimiqchina.com
seed.nimiq.jp
nimiq.surf
Website with example
This issue is related to this one: https://github.com/hoshsadiq/adblock-nocoin-list/issues/442
This is the website I found the other day:
https://www.aulafacil.com/cursos/electronica/instalaciones-electricas-intradomiciliarias/tabla-de-conductores-a-utilizar-l42337
Domain causing the CPU spike
Sorry, I don't know if it is possible to reopen a closed ticket.
The domains that overload the processor seem to be those of nimiq, although it is worth analyzing the page just in case. It seems that external code from https://unpkg.com/@nimiq/ and https://app.analyzz.com is used to load the malicious code from nimiq domains.
Some of the domains I have seen in addition to those already known, and which appear to be related, are: nim.sh nmq.zxnexus.com seed.nimiq.by nimwss.lolopool.com
In relation to the latter lolopool, I have seen these two more related ones searching on the internet: nim.lolopool.com nimwss-us.lolopool.com
Regarding the domain nimiq.community, it seems that the relation with the malicious domains comes because from there the following file is called: https://nimiq.community/seeds.txt
This file seems to be also on github: https://github.com/nimiq/community/blob/master/seeds.txt
In those txts, I understand there are links to cryptojacking scripts or similar, and the domains are (I think all already known): seed.nimiqpool.com nimiq.icemining.ca node.nimiq.watch seed.nimiqchina.com seed.nimiq.jp nimiq.surf